Configure Keytab File
NOTE: Generate the keytab file on the machine where LDAP and Kerberos are configured.
- The keytab file contains the secret encryption key that is used to decrypt the Kerberos ticket. Generate the keytab file and copy it to the Identity Server.
- On the Active Directory server, open a command prompt and enter the following ktpass command:

  ktpass /out <value> /princ <value> /mapuser <value> /pass <value>

  Refer to the following table for parameters:

  | Parameter | Value | Description |
  |---|---|---|
  | /out | <outputFilename> | Define a name for the file, with .keytab as the extension. For example: nidpkey.keytab |
  | /princ | <servicePrincipalName>@<KERBEROS_REALM> | Define the service principal name for Identity Server, then enter @, followed by the Kerberos realm. The default Kerberos realm is the Active Directory domain name in all capitals. For example: ROCKWELL.LOCAL. NOTE: The Kerberos realm value is case sensitive. |
  | /mapuser | <identityServerUser>@<AD_DOMAIN> | Define the username of Identity Server and the user Active Directory domain name. |
  | /pass | <userPassword> | Define the password for the user. |
For example:
- Ensure that the above highlighted command is on a single line.
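
Because the Kerberos realm is case sensitive, it helps to confirm that the generated keytab holds the principal and realm passed to /princ before relying on it. The following Python code is an added example, not part of the original page or the product: it assumes the file uses the keytab version 0x0502 layout, lists each entry without returning key bytes, and flags a realm that is not in all capitals. The SPN `HTTP/idp.example.com` and the `sample_keytab` helper are constructed for illustration.

```python
import struct

def _counted(buf, off):  # 16-bit length-prefixed string -> (bytes, next offset)
    (n,) = struct.unpack_from(">H", buf, off)
    return buf[off + 2:off + 2 + n], off + 2 + n

def parse_keytab(data):
    """List (principal, realm, kvno, enctype) per entry; key bytes are never returned."""
    if data[:2] != b"\x05\x02":
        raise ValueError("not a version 0x0502 keytab")
    entries, pos = [], 2
    while pos + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, pos)
        rec, pos = data[pos + 4:pos + 4 + max(size, 0)], pos + 4 + abs(size)
        if size <= 0:                      # negative size marks a deleted slot
            continue
        (ncomp,) = struct.unpack_from(">H", rec, 0)
        realm, off = _counted(rec, 2)
        parts = []
        for _ in range(ncomp):
            part, off = _counted(rec, off)
            parts.append(part.decode())
        kvno, etype = struct.unpack_from(">BH", rec, off + 8)  # after name type + timestamp
        _key, off = _counted(rec, off + 11)
        if len(rec) - off >= 4:            # optional 32-bit kvno overrides when non-zero
            kvno = struct.unpack_from(">I", rec, off)[0] or kvno
        entries.append(("/".join(parts), realm.decode(), kvno, etype))
    return entries

def check_keytab(data, expected_spn, expected_realm):
    """Return a list of problems; an empty list means the keytab matches."""
    entries = parse_keytab(data)
    problems = [f"{spn}@{realm}: realm is not all capitals"
                for spn, realm, _, _ in entries if realm != realm.upper()]
    if (expected_spn, expected_realm) not in [(s, r) for s, r, _, _ in entries]:
        problems.append(f"no entry for {expected_spn}@{expected_realm}")
    return problems

def sample_keytab(spn, realm, kvno=3, etype=18):
    """Constructed one-entry keytab with a dummy all-zero key (test data only)."""
    s = lambda b: struct.pack(">H", len(b)) + b
    parts = spn.encode().split(b"/")
    rec = struct.pack(">H", len(parts)) + s(realm.encode()) + b"".join(map(s, parts))
    rec += struct.pack(">IIBH", 1, 0, kvno, etype) + s(bytes(32)) + struct.pack(">I", kvno)
    return b"\x05\x02" + struct.pack(">i", len(rec)) + rec

if __name__ == "__main__":
    blob = sample_keytab("HTTP/idp.example.com", "rockwell.local")  # wrongly cased realm
    print(parse_keytab(blob), check_keytab(blob, "HTTP/idp.example.com", "ROCKWELL.LOCAL"))
```

To check a real file, pass its bytes (read in binary mode) to `check_keytab` together with the SPN and realm used in the ktpass command.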